Month: October 2008

The Long Now foundation took a field trip recently. The pictures are cool, as is the irony that they went to a trade show held once every four years. Miners have a time scale closer to the Long Now’s.

What does it mean that mining is a slowly changing industry? The economics of extractive industries push them that direction (capital investment is only warranted by a positive outlook in the commodity price). But workplace safety, which is a special case of universal human rights, demands that industries take advantage of the best available technology as fast as possible. This is an interesting story of the tension between capitalism and social welfare. If a mining regulator pushes an industry too much it will give up and move elsewhere. And apparently the mining industry is especially prone to regulatory capture an euphemism for corruption I especially like (like as in hate; in newspeak up is down, enslaved is free and corruption is regulatory capture).

I especially liked the observation by the Long Now guys that robotic technologies were notably absent from the mining technology convention. Something’s not working right here, either the regulation or the financial incentives for acting humanely towards your workers, or more likely both (as they are densely interrelated).

View source works on the various “internal” pages (i.e. the home page, the about:stats page, etc) so you can see how the magic happens

Read the comments in the home page to see how absolutely nutso over-the-top the programmer was about load time. He obsesses about the difference between 20ms and 100ms. You go, dude… make it fast!

Also in the home page, you can see that internal UI pages have access to a Javascript object called “chrome” that tells the page what to put on itself. (Attention bad guys: this is an attack surface. If you can find a way to get a handle to a chrome object, baddness ensues. So, please, don’t do that. Thanks.)

Embedded images, for example the logo on the home page, use the “data:” URL scheme to embed the picture’s data right into the page. Why? Performance? Or simplification.

If view source doesn’t work (like in the UI for “error 404”), then the inspector works, and will show you the source. (What’s the point of disabling view source? Setec Astronomy.)

In the inspector, you can click on things in the source and change them into input boxes, then you can change the source on the fly, and the results are shown in the page. Cool.

In about:stats, you can sort the columns by clicking on them. View source for a really nifty piece of Javascript I might lift and use someplace else myself.

About:network is totally cool. Click “Start I/O tracking” then go to another tab and load something. You get a trace of all the transactions. You can also click “Show current I/O status” to see which HTTP connections are open.

You have to type the about:foo URLs, if you click on them you don’t get anything. They are checking the referer.

It seems the film needs to be updated some to reflect the current state of the privatized English bus system:

First, be sure to find out which company has bought the route you want to ride from the government. Be careful not to buy a ticket for a competing service, it will be refused.

Don’t bother checking the schedules, your friendly First driver will come when he’s ready. In order to assure prompt and reliable First service, we will sometimes send three busses at a time. Sometimes you’ll have to wait 30 minutes or more on one of our “every 10 minute” lines, so as to ensure that three busses can travel together.

Be sure to wave at the bus driver as he passes you without stopping. Like that, you are sure he enjoys a pleasant and friendly day, without the bother of carrying passengers. Cheer up, there will be three more buses in 30 minutes!

In this case, it is pretty clear to me that be blockading Gaza on the Israeli border, the Israeli authorities have lost their capacity to control smuggling, not to mention lost tons of tax revenue and economic activity for Israeli businessmen. Clearly, Not Plan A.

This is a story a bit like mine from Chad, though we were not faced with bandits/rebels/soldiers directly. The feelings of shame and regret she has are related to the complicated feelings I had on leaving Chad as well.

In my case, we had nothing to be ashamed of — we took good care of ourselves and our staff and were not bad guests anywhere. But it does give you a sense of shame that as an expat you are different: you’re allowed to just go away, and your colleagues can’t.

New research shows that when people perceive they have no control over a given situation, they are more likely to see illusions, patterns where none exist and even believe in conspiracy theories. The study suggests that people impose imaginary order when no real order can be perceived.

The first caller reports on how the conditions he experienced working as an aid worker in Somalia showed this. Also, he comments on the rough ride back to normality after suffering a situation with loss of control.

Imran and I were talking at OpenCoffee Leeds the other day and we independently and together came up with this realization:

OpenID providers should be required to be OpenID consumers first.

Why? Well, the problem OpenID is trying to solve is “too many usernames”, which really equates to “too many authentication providers”. That means that the last thing we need is more stinkin’ authentication providers. OpenID providers who are not also OpenID consumers, are just making the problem worse.

Don’t believe me? Don’t understand me? Let’s try an example. User J controls his own domain name. For sake of example, call it “nella.org”. He wants to be his own authentication provider, and take back total, final control of his name online — he is tired of being jeff.allen here, jeff.r.allen there and jra99 in a third place. He just wants to be nella.org/jra forever, or at least for as long as he can afford to pay for the domain name. He’s also lazy, so he uses delegation, and at least that seems to work right (but read on).

He starts looking for places to use his shiny new OpenID. He can use it on his blog, because it is WordPress, and WordPress is an OpenID consumer. He can use it at SourceForge. Nifty. But that’s where it ends. He tries to use it to log in to Yahoo, but because Yahoo is an OpenID provider, he can’t associate his OpenID with his Yahoo account. He continues searching and continues finding the same thing — he’s already got 10 OpenIDs he doesn’t want, and can’t use the OpenID he does want!

Imran made the observation that the “before you generate, accept” rule is like the GPL: recursive in order to focus effort on building instead of competing. It occurs to me as I write this that it’s also like the Robustness Principle (which I prefer to remeber as Postel’s Law in order to commemorate a great man): Be conservative in what you do; be liberal in what you accept from others.

Blogger is a special case. First, Blogger authentication is the Google Account, so if Google was an OpenID consumer, then Blogger would be too. But they aren’t. Except they are, kind of, because one of the options in Blogger when leaving a comment is to login with OpenID. Which according to lots of people, works. For nella.org/jra it doesn’t work, and it seems to have something to do with delegation, because with my undelegated OpenID, it works. Memo to Blogger: stop adding buggy features to your site and hop the train down to Mountain View to visit the GooglePlex to help the Google Accounts team become OpenID consumers. That would fix your problem better and fix all the other Google properties as well.

Which brings me to my second proposed best practice: Test delegation, in every conceivable configuration!

Delegation is super-major-cool-magic, and if your site can’t do it right, then you are not doing OpenID right and pissing off the power users who should be complementing you.

PS: This is a commoncomplaint, so hopefully OpenID consumers are listening and will get off their ass and implement the actually useful side of the protocol. It’s not so hard… take WordPress as an example. When a new OpenID arrives, it creates an anonymous account, ties the OpenID to it, and lets the user login. Later, if they care enough, they finish setting up their account.

“It is better for us to be here than go for reintegration. The South Africans want to kill us and the government is trying to kill us. Reintegration’s a death sentence. We’d rather die here together,” said Johnny Kaka.

Shame on the African majority of South Africa that they’ve come to this: dehumanizing the African immigrants in their country. There’s no racism here, just nationalism and the simple human stupidity that comes from fear and greed. People on this planet can be remarkably rude to each other, and it’s just an accident of history or fashion if it is due to racism, nationalism, or tribalism. Until we learn to love “the other” as we love our own brother, we will not be able to stop it.

Wow, that was almost biblical. Perhaps this is where the human instinct for religion came from, not that I believe organized religion is really necessary to understand how to live a just life.

KINNE: And over the course of my time, as we slowly began to identify phone numbers and who belonged to what, one thing that gave me grave concern was that as we identified phone numbers, we started to find more and more and more numbers that belonged not to any organizations affiliated with terrorism or with military … with militaries of Iraq or Afghanistan or elsewhere, but with humanitarian aid organizations, non-governmental organizations, who include the International Red Cross, Red Crescent, Doctors Without Borders, a whole host of humanitarian aid organizations. And it also included journalists…

As a foreign-domiciled American, I have suspected for a long time that I’m in the surveillance net. But it is something else entirely to read the words from the whistleblower herself, naming my organization.

There’s some great points in that article. If you can bear it, take time to read it all. But above all don’t miss these points: